Specialists from Intel 471, which deals with cybersecurity, reported that since about mid-January 2021, the largest Russian-language hacker forums have been hacked in order to obtain personal information from users. Shortly thereafter, the data did indeed go up for sale on the darknet, and the information presented there is quite extensive. For example, an Intel 471 specialist said that, for example, there is a 35-page PDF document on sale containing private encryption keys that were used by the administration of the oldest Russian-language cybercriminals forum Maza – it was hacked just a couple of days ago, on March 3.
The document also contains ICQ numbers by which hackers can be easily tracked on other platforms where they are registered, as well as the full names of users, their email addresses, password hashes by which you can access the account itself, as well as many other additional contact information. It should be noted that the Maza forum is really considered an elite forum among Russian-speaking cybercriminals – you can register on it only by invitation. But, unfortunately, not only this forum suffered, but also its largest analogue Verified, which was hacked at the end of January.
Initially, the administration of the forum officially confirmed the fact of the hacking of the forum, after which it announced that the attackers only managed to intercept traffic through spoofed DNS servers in order to reset user passwords. However, other sources report that in fact, absolutely the entire database of the forum has leaked into the network, including personal data, personal correspondence between users, as well as information about cryptocurrency wallets and payments that were carried out between forum participants.
In addition, Exploit and Crdclub suffered, but their users did not lose their personal data – they intercepted traffic from Exploit for some time, and from Crdclub, an attacker on behalf of the administration convinced their users to transfer money through a new service that safely stole this money.